Archive for October, 2010

RouterOS Mac-Telnet application for Linux users

Earlier, I wrote about a Wireshark plugin for dissecting Mac-Telnet packets. Now I have created an open source application for connecting to a RouterOS router via its MAC address from Linux without having to install Wine. At the time of writing the project is still in “alpha” stage. But it is fully functional. Though it will probably be rewritten soon. I feel that the second time you write the same application, it tends to be more robust and thought through.. The first time is more of a proof of concept, and I let myself do a lot of short-cuts, just to be able to see it working.

The source code can be found at github. Just find the “download source” link at the top of the page.

To compile it, simply untar it, and compile it with “make” .
Because it needs to alter the frame headers, it uses RAW sockets, which means that you will need root access to use this tool.

To find the MAC address of connected routers, try the included tool mndp. It might take up to 2 minutes to find all routers, since it is a passive tool that waits for the routers to broadcast their info on the network:

# ./mndp
Searching for MikroTik routers... Abort with CTRL+C.
  0:c:42:43:58:a5 HMG

HMG is my name of the found router, set in the Identity section of the router.

Here are some mac-telnet usage information:

# ./mactelnet --help
Usage: ./mactelnet <ifname> <MAC> <username> [password]
 
Parameters:
  ifname    Network interface that the RouterOS resides on. (ex: eth0)
  MAC       MAC-Address of the RouterOS device. Use mndp to discover them.
  username  Your username.
  password  Your password.

Tip: Log out using CTRL+D on your keyboard.

Usage example:

# sudo ./mactelnet eth0 0:c:42:43:58:a5 admin mysecretpass
Connecting to 0:c:42:43:58:a5...done
 
 
  MMM      MMM       KKK                          TTTTTTTTTTT      KKK
  MMMM    MMMM       KKK                          TTTTTTTTTTT      KKK
  MMM MMMM MMM  III  KKK  KKK  RRRRRR     OOOOOO      TTT     III  KKK  KKK
  MMM  MM  MMM  III  KKKKK     RRR  RRR  OOO  OOO     TTT     III  KKKKK
  MMM      MMM  III  KKK KKK   RRRRRR    OOO  OOO     TTT     III  KKK KKK
  MMM      MMM  III  KKK  KKK  RRR  RRR   OOOOOO      TTT     III  KKK  KKK
 
  MikroTik RouterOS 4.0 (c) 1999-2009       http://www.mikrotik.com/
 
 
[admin@HMG] >

[UPDATE]
Omni Flux sent me a patch that speeds up the MNDP discovery time by sending out a MNDP request before waiting for replies. Thanks!

He also informed me that his tests showed that you could send all the mac-telnet traffic to- and from- the broadcast address. This means that you would not need socket_raw (read: root privileges) capabillities to be able to send data to the router.

So the latest version of mactelnet, now also as a binary .deb package below, can be used without root privileges, unless you don’t want all data from your session to be broadcasted on your local network. You can optionally use the “old” method, where it uses the destination routers mac address as destination instead of broadcast.

Heres the latest “stable”: v0.1 version
Source tarball
Ubuntu/Debian binary package

Last commits on MAC-Telnet at GitHub